Use npm to manage your project. Create a package.json, install and update packages, separate dependencies from devDependencies, run scripts, read version ranges, and use workspaces.
Why: package.json is your project's ID card — it records the name, scripts, and every package your project depends on.
$ pnpm initWhy: a package is reusable code written by someone else. Installing it downloads it into a node_modules folder and records it in package.json so anyone can reinstall the exact same set later.
$ pnpm add express// app.js
// after installing, import and use it
import express from 'express'
const app = express()Why: dependencies are packages your app needs to run in production (like a web framework). devDependencies are tools you only need while building (like a test runner). Use the dev flag to mark the second kind so they are not shipped to production.
$ pnpm add -D vitest// package.json
{
"dependencies": {
"express": "^4.19.2" // needed to run the app
},
"devDependencies": {
"vitest": "^2.0.0" // only needed while developing
}
}Why: scripts are named shortcuts for terminal commands, stored in package.json. Instead of remembering a long command, you type "pnpm/npm run <name>". The "start" and "test" names are special — you can run them as "pnpm/npm start" and "pnpm/npm test".
// package.json
{
"scripts": {
"start": "node server.js",
"dev": "node --watch server.js",
"test": "vitest"
}
}Why: versions look like 4.19.2 = MAJOR.MINOR.PATCH. A breaking change bumps MAJOR, new features bump MINOR, bug fixes bump PATCH. So "^4.19.2" allows any 4.x.x (minor + patch updates, up to but not including 5.0.0), "~4.19.2" allows 4.19.x only (patch updates), and "4.19.2" pins exactly that version. The carets and tildes let you get safe fixes without surprise breaking changes.
Why: workspaces let a single repository hold several related packages (a "monorepo") that can depend on each other, all sharing one install. Useful when, say, a web app and a shared utility library live together.
// package.json at the repo root
{
"name": "my-monorepo",
"private": true,
"workspaces": ["packages/*"]
}
// packages/web and packages/utils are now linked together